Malware Analysis - ConfuserEx 2 Deobfuscation with Python and dnlib, BBTok Loader

  • Published 17 Nov 2024

COMMENTS • 14

  • @VincentDegrave 1 month ago +1

    Nice video, good tech skills on how to.
    Thank you very much!

  • @sachin-tr4nc 1 month ago

    Thanks for the detailed video, Kristan sir. Really informative video with good explanation. Appreciate your hard work making these videos. Best wishes 😊

  • @Bars_Mutlu-qf4gj 1 month ago

    Brooo you are such a legend!!! Please keep going! Respects from Germany

  • @opmfa1850 1 month ago

    Excellent as usual. Thanks a lot.

  • @RazviOverflow 1 month ago

    Amazing content. Thank you :)

  • @mohammedfouad-m9d 15 days ago

    If it is possible, could you make a video on how to write a good malware analysis report in a professional way?

  • @awesomesauce804 1 month ago

    @ 21:15 you want to Ctrl + Alt + P and then change the Python interpreter to the version your pip is installing to. If that doesn't work, just Ctrl + Alt + P and type python and click restart interpreter.

    • @MalwareAnalysisForHedgehogs 1 month ago

      Hi, thanks, but I am not sure how this is supposed to help here. You cannot install dnlib with pip.

    • @awesomesauce804 1 month ago

      @MalwareAnalysisForHedgehogs Oh sorry haha, I missed that it was dnlib -- I just have similar issues all the time. Sorry for the confusion. Great video, I learned some things about working with the assemblies from PowerShell. Thanks for putting out quality content. I was particularly impressed with how well you write functions -- I am quite a lot slower and make more mistakes. Looking forward to seeing more videos!

  • @opmfa1850 16 days ago

    How can I debug (dynamic analysis) a .NET DLL file? In x32dbg we use rundll32.exe; what can we use in dnSpy?

    • @MalwareAnalysisForHedgehogs 16 days ago +1

      Load it from a PowerShell terminal, then attach dnSpy as the debugger, then call the export you want to call from the PowerShell terminal.

    • @opmfa1850 16 days ago

      @MalwareAnalysisForHedgehogs So I attach dnSpy to the PowerShell process?

    • @MalwareAnalysisForHedgehogs 16 days ago +1

      @opmfa1850 Yes.
      You can watch the last part here, where I am doing exactly that: ua-cam.com/video/wLf_Ln8jupY/v-deo.htmlsi=egD5PsCCLoxEdkye&t=1299

    • @opmfa1850 16 days ago

      @MalwareAnalysisForHedgehogs Yet another great tutorial. Learned more tricks 🥰